Server :: How To Blacklist Spammer In Postfix
Jan 22, 2010
I am daily getting the same junk / spam email from this sender and I see two IP's in the headers / logs of my Postfix server. I searched my Postfix logs for both IP's:
Code:
[root@mail postfix]# cat /var/log/maillog | grep "67.212.170.242"
Jan 22 05:29:30 mail postfix/smtpd[12205]: connect from civismtp.uas.coop[67.212.170.242]
Jan 22 05:29:30 mail postgrey[2245]: action=pass, reason=client AWL, client_name=civismtp.uas.coop, client_address=67.212.170.242, sender=b.148.1296207.0e628e696f0d17ad@mail.wfmc.org, recipient=carlos@iamghost.com
Jan 22 05:29:30 mail postfix/smtpd[12205]: C00DB77A862: client=civismtp.uas.coop[67.212.170.242]
Jan 22 05:29:31 mail postfix/smtpd[12205]: disconnect from civismtp.uas.coop[67.212.170.242]
Jan 22 05:29:33 mail amavis[2351]: (02351-18) Passed CLEAN, [67.212.170.242] [192.220.23.216] <b.148.1296207.0e628e696f0d17ad@mail.wfmc.org> -> <carlos@iamghost.com>, Message-ID: <20100122095052.183D3192C012@civismtp.uas.coop>, mail_id: eY2CHd1Jva+X, Hits: -3.288, size: 22942, queued_as: 8A54C77A8E9, 2530 ms
How do I block / reject all email from this sender? Is there a specific section in Postfix like sender_access or client_access that I can 'reject' all mail from the above sender. What is the difference between IP's on the logs? I show 192.220.23.216 & 67.212.170.242 but can understand what the two separate IP's are for?
View 4 Replies
ADVERTISEMENT
Feb 7, 2011
I have a postfix system that sends allot of emails to customers and web site visitors. A lot of visitors just enter an invalid email in the WEB form just to download some files or do other tasks. Is it possible to BLACKLIST specific email addresses so the system does not send to those addresses? I can grep from the postfix mail log all those fake emails and place them somewhere.
View 4 Replies
View Related
Feb 26, 2010
I configured ( sendmail + Smarthost + pop-before-smtp settings + smtp auth settigns ), today i saw 18000 mail in mailq and somebody sending mail from my mailserver ,as i got reported by ISP for spaming. How someone broke the sendmail + pop-before-smtp settings. i usually access that system through webmin. Is webmin cause to hack password.
Or How someone break sendmail security without even choosing my own user / password spamper settings messages to smart hosts to yahoo / gmail with his own junk user name and password? I stopped sendmail for the time being. Any idea what i should look for and what i should go for its remediation?
View 3 Replies
View Related
Jul 2, 2010
The DHCP server on a network I use specifies a DNS server that I do not want to use. Is there a way to continue to use DHCP but to modify the provided information or to "blacklist" one (of the three provided) DNS servers?
The client in question is running Ubuntu 10.04. Networking is managed by NetworkManager but I'm not wedded to that. In fact, I don't like it and wouldn't mind a reason to use something else.
View 1 Replies
View Related
Sep 25, 2010
is there any HOWTO for configuring Webmin Postfix server with multiple postfix virtual hosts? Seems to be a tough challenge to set it up without any easy manual..
View 1 Replies
View Related
Oct 4, 2010
so i set out to change the default smtp port the server uses because my ISP blocks port 25 and i need the email to work in outlook. this morning i could receive email, but not send it. so i did some research and thought that i needed to edit the master.cf file in /etc/postfix/ by commenting out this line: smtp inet n - n - - smtpd -oand replace it with587 inet n - n - - smtpd (587 being the port i want to use)somewhere along the lines postfix server stopped running and now i cannot get it to start.if i try using SSH it crashes immediately and if i restart it in simple control panel nothing happens
View 7 Replies
View Related
Feb 25, 2011
I recently moved over user from an old box running postfix(v 2.0.16) over to rhel 6 running postfix (v mail_version = 2.6.6). ive tried to make sure all the files are of correct permissions and that the main.cf file is configured corectly. However there is something wrong as when i run postfix: service postfix server i get no error but when checking the status:service postfix status i get: master dead but pid file exists Looking into /var/log/mailog i find this line being the issue:
Feb 25 16:24:39 puny1 postfix/master[3517]: fatal: fifo_listen: create fifo public/pickup: Permission denied
I gather this is a file permission issue and ive tried to make sure the public folder in /var/spool/postfix is correctly set but still no avail.
View 2 Replies
View Related
Jan 21, 2010
I installed Redhat nash version 5.1.19.6 with kernel 2.6.18-128.el5-xen-i686 on a Dell Inspiron 1300 with Broadcom BCM4401 (eth0/LAN) and BCM4318 (eth1/WLAN). eth0 is working fine, but eth1 was causing trouble. After some difficulties with missing packages I managed to install ndiswrapper, blacklisted module bcm43xx in /etc/modprobe.d/blacklist and removed it, loaded module ndiswrapper and had connection. But after reboot module bcm43xx was again loaded. So blacklisting does not seem to work.And additionally strange to me, I cannot unload module bcm43xx anymore. And if I load ndiswrapper driver bcm43xx is still used as the terminal command 'dmesg' is showing me in the system log, while ndiswrapper was used when the connection was once and only once established
View 13 Replies
View Related
Mar 11, 2010
Here is what i do: make clean make makefiles CCARGS='-DEF_CONFIG_DIR="/opt/product/postfix-2.6.5/etc"
-DEF_COMMAND_DIR="/opt/product/postfix-2.6.5"
-DEF_DAEMON_DIR="/opt/product/postfix-2.6.5/libexec"
-DEF_MAILQ_PATH="/opt/product/postfix-2.6.5/bin/mailq"
-DEF_DATA_DIR="/opt/product/postfix-2.6.5/lib"
-DEF_NEWALIAS_DIR="/opt/product/postfix-2.6.5/bin/newaliases"
[Code]...
make install then i got this error: postfix: fatal: chdir(/usr/libexec/postfix): No such file or directory make: *** [install] Error 1 I don't understand why it's checking the usr/libexec folder for the daemons although I've set the folder to /opt/product/postfix-2.6.5/libexec in the makefile. Here is also the cat of my makedefs.out:
[Code]....
View 1 Replies
View Related
Jan 12, 2010
how can I best transfer my mails that are sitting on my old exim server to my new postfix server?
View 1 Replies
View Related
Jul 27, 2011
I am using postfix as spam Mailscanner to protect my mail server running sendmail. The problem is that when I forward an email from MailScanner mail me back with the following error:
<postmaster@localhost.@mydomain.com.>... Real domain name required for sender address (in reply to MAIL FROM command))
Jul 27 13:15:59 smtp postfix/local[28465]: C68AC1000001: to=<root@smtp.mydomain.com>,
[code]....
View 1 Replies
View Related
Nov 26, 2010
my postfix to send and recive external emails, but many recive in trash folder.Other programer say me that is need some configurations in postfix with and dovecot to work, but i dont know what!This is my first time configuring a linux server at this week.
my main.conf
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
[code]...
View 3 Replies
View Related
Apr 24, 2011
i need to configure postfix on centos to relay email from the internet to the Exchange Server and i also need that emails sent from the exchange within the same domain be sent to postfix then resent to exchange because i have spamassassin and clamav installed on centos to filter all incoming and outgoing mails ...
View 1 Replies
View Related
Sep 16, 2009
I did a a basic install of postfix and dovecot instead of using courier-pop and courier-imap. This is only send and receiving e-mail locally within the test network 10.7.0.X and 10.0.0.X. I used:
[URL]
my postfix.conf is;
PHP Code:
[code]....
This is the error when I send an email from a local machine on the 10.0.0.X network.
PHP Code:
Jan 20 17:05:48 testbox postfix/smtpd[2491]: warning: Illegal address syntax from unknown[10.0.0.111] in MAIL command: <test@10.0.0.112>
View 8 Replies
View Related
Jun 24, 2011
I've got an uber simple test mail script in php on my awesome new dev machine running Ubuntu:
PHP Code:
Unfortunately, something is preventing mail delivery. I can't tell from this error log whether it's the remote machine rejecting me or whether it's my machine rejecting the self-signed cert on the remote machine:
Code:
I'm wondering what I could change in my postfix configuration to remedy this problem.
I tried setting smtp_tls_security_level = may = may but this did not change anything.
View 10 Replies
View Related
Jun 23, 2010
i compiled and install postfix, and i using relayhost that point to my ISP. but my "DNS server" is on the same server where is installed postfix. and there is running apache with vhosts so i have domain that hosted on same server and in zonefiles of my domain my MX records points to Google Apps, to google's MX servers. But when i try send E-mail via sendmail to mail@mydomainonsameserver.com it not deliver mail to Google Apps totally, if i try to send to another E-mail everything fine it deliver it. so finally i done research this problem in Internet. And find that need to disable deliver mail to localhost(localdelivery)as i think postfix understand that the domain point to the same server where postfix have itself. and try to deliver mail local. but zonefile MX record even the domain on same server can point to another server outside. So i disabled localdelivery in postfix. and problem not fixed
View 2 Replies
View Related
Mar 18, 2010
I am running CentOS 5.4 and Postfix. So when I start Postfix server than immediately maillog is starting to grow. And the first lines that I see in it are:
[Code]...
Server is already in several blacklists and I desperately need to do something.
View 12 Replies
View Related
Sep 29, 2010
I am running Fedora 10, Postfix and Dovecot I recently changed the password of a user using the 'passwd' command. The problem is that the user can no longer receive their email messages in Thunderbird (Authentication Error). However, they can still login using SquirrelMail and get their mail.
View 2 Replies
View Related
Dec 25, 2010
I recently had the need to relay SMTP mail through our organizations hosted MS Exchange server. I had to do a little troubleshooting, so I wrote a concise summary of the procedure I followed.
View 1 Replies
View Related
Apr 4, 2010
i have setup mailrelay using postfix and relay email to exchange server. The problem is how can i relay email to multiple exchange server. For example: -
domain aa.bb.com relay to exchange server 10.10.10.10
domain 123.test.com relay to exchange server 192.168.10.5
View 5 Replies
View Related
Apr 20, 2010
I am newbie to postfix. I added a new domain to my postfix server in the main.cf under mydestinations variable and the relay_domains file. Also, added this domain to my backend exchange server. When I send a test message from the new domain, my messages from that domain appear to be stuck in the "queue active". What does it mean when you are stuck in this queue? Does this mean that my backend email server (exchange 2003) isn't allowing messages from this new domain OR that the POSTFIX server still needs configuring.
View 2 Replies
View Related
Oct 2, 2010
Having my Diploma Final Project on setting up a virtual mail server within Local Area Network (LAN) only.I had follow this how-to http://www.linuxmail.info/squirrelma...o-in-centos-5/ and complete up to squirrealmail web mail. I added two new user to try on sending and receiving mail. It works.I run CentOS on VMplayer. I using my laptop to do all the stuff, the laptop default OS is windows 7, i install VM player on it and run CentOS inside the VM Player.I want to do testing on Windows 7 side by installing Thunderbird email client program, i want to connect to mail server with SMTP, IMAP/POP3 using the email service. I have problem while setting up user account on Thunderbird, Thunderbird seems like cannot detect my CentOS mail server. How ?
Do i have to do any other configuration on CentOS ? any DNS ? port number for IMAP,POP3 or SMTP ?
View 1 Replies
View Related
Apr 10, 2010
I'm trying to configure Postfix with a mail server that I programmed in C. The main.cf is set in this way :
Code:
relayhost = [myMailServer.localhost]
smtp_sasl_auth_enable = no
smtp_use_tls = no
disable_dns_lookups=yes
smtp_never_send_ehlo = yes
code....
I don't know why it doesn't receive response after HELO. In fact if I debug my mail server with gdb, I can see it sends a 250 response code. Moreover, I've tested my server both with traditional mail clients, as Thunderbird, and through telnet session and it works very well.
View 6 Replies
View Related
Apr 7, 2011
I'm trying to get my server back up to snuff. I'm using Debian Squeeze right now and I'm up and atom with apache, mysql, php, pureftpd, ssh, and I have squirrelmail installed.
My dilemma comes with the mail part of the whole ordeal, Postfix and Courier are installed, have their keys made, and for what I assume, are configured correctly. HOW do I make new virtual users? My domain points to this machine as well as my MX record for mail.mydomain.com.
I need IMAP and POP working. And upon the creation of new email users, will SquirrelMail interface with Postfix and Courier? When I installed SM I set it up for use with Courier.
View 1 Replies
View Related
Jun 11, 2011
I have been trying to set up a home mail server with postfix ever since I can remeber. Im yet to find a good tutorial for this. I dont have a static ip address or anything so this has to be done with the help of dyndns free account. good and convincing tutorial in order for me to do this. OS- Redhat5 or fedora
View 7 Replies
View Related
Feb 10, 2010
My postfix server will not allow me to send mail except if I am on the server it self.My postfix conf is as follows.
server:~ # postconf -n
alias_maps = hash:/etc/aliases
biff = no
[code]...
View 5 Replies
View Related
Mar 7, 2011
how to configure inside my postfix server for filter different subdomains using more than one relayhost. In my case I have 4 subdomains and I need to create other "test.mydomain.com" appointing to a new relayhost. This is a internal process to change the antispam appliance.
View 2 Replies
View Related
May 19, 2010
for the life of me I am unable to get this module not to load
root@milomak-mac:~# cat /etc/modprobe.d/blacklist.conf
# This file lists modules which will not be loaded as the result of
# alias expansion, with the purpose of preventing the hotplug subsystem
[code]....
View 8 Replies
View Related
Mar 29, 2009
I have a server setup that is getting repeatedly hit by the same IP address it has tried accessing my vsftp and /drupal/cron.php. For security reason I have disabled vsftpd while I am not using it. The webserver on the other hand I need to leave running.
Code:
- pam_unix Begin -
vsftpd: Unknown Entries:
check pass; user unknown: 2708 Time(s)
authentication failure; logname= uid=0 euid=0 tty=ftp ruser=Administrator rhost=211.161.251.123 : 2282 Time(s)
authentication failure; logname= uid=0 euid=0 tty=ftp ruser=administrator rhost=211.161.251.123 : 426 Time(s)
- pam_unix End -
I would like to be able to add the ip to a blacklist. Additionally I would like to whitelist my own ip when I am working remotely, my remote location doesn't match my reverse dns and my server gives me an error at the end of the day that someone (myself) might be trying to break in. Running Fedora Core 9 in case it matters.
View 4 Replies
View Related
Dec 13, 2010
Postfix Configuration needed and its use
View 1 Replies
View Related